diff --git a/vault/logical_system_test.go b/vault/logical_system_test.go index d294e96165d7..a6de9f2ac0b5 100644 --- a/vault/logical_system_test.go +++ b/vault/logical_system_test.go @@ -3893,6 +3893,27 @@ func TestSystemBackend_PluginCatalog_ContainerCRUD(t *testing.T) { }) b := c.systemBackend + const pluginRuntime = "custom-runtime" + const ociRuntime = "runc" + conf := pluginruntimeutil.PluginRuntimeConfig{ + Name: pluginRuntime, + Type: consts.PluginRuntimeTypeContainer, + OCIRuntime: ociRuntime, + } + + // Register the plugin runtime + req := logical.TestRequest(t, logical.UpdateOperation, fmt.Sprintf("plugins/runtimes/catalog/%s/%s", conf.Type.String(), conf.Name)) + req.Data = map[string]interface{}{ + "oci_runtime": conf.OCIRuntime, + } + resp, err := b.HandleRequest(namespace.RootContext(nil), req) + if err != nil { + t.Fatalf("err: %v %#v", err, resp) + } + if resp != nil && (resp.IsError() || len(resp.Data) > 0) { + t.Fatalf("bad: %#v", resp) + } + latestPlugin := pluginhelpers.CompilePlugin(t, consts.PluginTypeDatabase, "", c.pluginDirectory) latestPlugin.Image, latestPlugin.ImageSha256 = pluginhelpers.BuildPluginContainerImage(t, latestPlugin, c.pluginDirectory) @@ -3907,11 +3928,13 @@ func TestSystemBackend_PluginCatalog_ContainerCRUD(t *testing.T) { in: map[string]any{ "oci_image": latestPlugin.Image, "sha_256": latestPlugin.ImageSha256, + "runtime": pluginRuntime, }, expected: map[string]interface{}{ "name": "test-plugin", "oci_image": latestPlugin.Image, "sha256": latestPlugin.ImageSha256, + "runtime": pluginRuntime, "command": "", "args": []string{}, "builtin": false, @@ -3922,6 +3945,7 @@ func TestSystemBackend_PluginCatalog_ContainerCRUD(t *testing.T) { in: map[string]any{ "oci_image": pluginV100.Image, "sha256": pluginV100.ImageSha256, + "runtime": pluginRuntime, "command": "plugin", "args": []string{"--a=1"}, "version": pluginVersion, @@ -3931,6 +3955,7 @@ func TestSystemBackend_PluginCatalog_ContainerCRUD(t *testing.T) { "name": "test-plugin", "oci_image": pluginV100.Image, "sha256": pluginV100.ImageSha256, + "runtime": pluginRuntime, "command": "plugin", "args": []string{"--a=1"}, "builtin": false, @@ -6701,10 +6726,10 @@ func TestSystemBackend_pluginRuntime_CannotDeleteRuntimeWithReferencingPlugins(t }) b := c.systemBackend - const runtime = "custom-runtime" + const pluginRuntime = "custom-runtime" const ociRuntime = "runc" conf := pluginruntimeutil.PluginRuntimeConfig{ - Name: runtime, + Name: pluginRuntime, Type: consts.PluginRuntimeTypeContainer, OCIRuntime: ociRuntime, } @@ -6714,11 +6739,6 @@ func TestSystemBackend_pluginRuntime_CannotDeleteRuntimeWithReferencingPlugins(t req.Data = map[string]interface{}{ "oci_runtime": conf.OCIRuntime, } - - const pluginVersion = "v1.16.0" - plugin := pluginhelpers.CompilePlugin(t, consts.PluginTypeDatabase, pluginVersion, c.pluginDirectory) - plugin.Image, plugin.ImageSha256 = pluginhelpers.BuildPluginContainerImage(t, plugin, c.pluginDirectory) - resp, err := b.HandleRequest(namespace.RootContext(nil), req) if err != nil { t.Fatalf("err: %v %#v", err, resp) @@ -6727,19 +6747,23 @@ func TestSystemBackend_pluginRuntime_CannotDeleteRuntimeWithReferencingPlugins(t t.Fatalf("bad: %#v", resp) } + const pluginVersion = "v1.16.0" + plugin := pluginhelpers.CompilePlugin(t, consts.PluginTypeDatabase, pluginVersion, c.pluginDirectory) + plugin.Image, plugin.ImageSha256 = pluginhelpers.BuildPluginContainerImage(t, plugin, c.pluginDirectory) + // Register the plugin referencing the runtime. req = logical.TestRequest(t, logical.UpdateOperation, "plugins/catalog/database/test-plugin") req.Data["version"] = pluginVersion req.Data["sha_256"] = plugin.ImageSha256 req.Data["oci_image"] = plugin.Image - req.Data["runtime"] = runtime + req.Data["runtime"] = pluginRuntime resp, err = b.HandleRequest(namespace.RootContext(nil), req) if err != nil || resp.Error() != nil { t.Fatalf("err: %v %v", err, resp.Error()) } // Expect to fail to delete the plugin runtime - req = logical.TestRequest(t, logical.DeleteOperation, fmt.Sprintf("plugins/runtimes/catalog/container/%s", runtime)) + req = logical.TestRequest(t, logical.DeleteOperation, fmt.Sprintf("plugins/runtimes/catalog/container/%s", pluginRuntime)) resp, err = b.HandleRequest(namespace.RootContext(nil), req) if resp == nil || !resp.IsError() || resp.Error() == nil { t.Errorf("expected logical error but got none, resp: %#v", resp) @@ -6757,7 +6781,7 @@ func TestSystemBackend_pluginRuntime_CannotDeleteRuntimeWithReferencingPlugins(t } // This time deleting the runtime should work. - req = logical.TestRequest(t, logical.DeleteOperation, fmt.Sprintf("plugins/runtimes/catalog/container/%s", runtime)) + req = logical.TestRequest(t, logical.DeleteOperation, fmt.Sprintf("plugins/runtimes/catalog/container/%s", pluginRuntime)) resp, err = b.HandleRequest(namespace.RootContext(nil), req) if err != nil || resp.Error() != nil { t.Fatalf("err: %v %v", err, resp.Error()) diff --git a/vault/plugincatalog/plugin_catalog_test.go b/vault/plugincatalog/plugin_catalog_test.go index ceffabf00e6c..94d3f321f084 100644 --- a/vault/plugincatalog/plugin_catalog_test.go +++ b/vault/plugincatalog/plugin_catalog_test.go @@ -803,6 +803,17 @@ func TestPluginCatalog_ErrDirectoryNotConfigured(t *testing.T) { tempDir := catalog.directory catalog.directory = "" + const pluginRuntime = "custom-runtime" + const ociRuntime = "runc" + err := catalog.runtimeCatalog.Set(context.Background(), &pluginruntimeutil.PluginRuntimeConfig{ + Name: pluginRuntime, + Type: consts.PluginRuntimeTypeContainer, + OCIRuntime: ociRuntime, + }) + if err != nil { + t.Fatal(err) + } + tests := map[string]func(t *testing.T){ "set binary plugin": func(t *testing.T) { file, err := os.CreateTemp(tempDir, "temp") @@ -854,6 +865,7 @@ func TestPluginCatalog_ErrDirectoryNotConfigured(t *testing.T) { Name: "container", Type: consts.PluginTypeDatabase, OCIImage: plugin.Image, + Runtime: pluginRuntime, }) if err != nil { t.Fatal(err)